[gnutls-help] use certtool to manage a own CA
mail at lechevalier.se
Mon Feb 10 19:47:30 CET 2014
I believe you specify this in the template.cfg
(http://gnutls.org/manual/html_node/certtool-Invocation.html at the
bottom of the page)
serial = 001
crl_number = 1
If you omit the serial option, a time based serial will be generated. Do
you need anything else than a random number? For CRLs, it should be easy
enough to script or handle manually.
Doesn't OpenSSL handle this in a psuedo-scripted way anyway with CA.pl
or CA.sh ? Anyway you can use -set_serial or -CAcreateserial
On 2014-02-03 10:30, Randy Li wrote:
> I use openssl to create and verify the certificate before, now I want to
> switch to gnutls.
> I find that it seems that certtool won't record the verified certificats
> and update the serial number or
> crl number like openssl. So I have to do that in hand?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnutls-help